MX2017005182A - Método para tener acceso a un servicio, primer dispositivo, segundo dispositivo y sistema correspondientes. - Google Patents

Método para tener acceso a un servicio, primer dispositivo, segundo dispositivo y sistema correspondientes.

Info

Publication number
MX2017005182A
MX2017005182A MX2017005182A MX2017005182A MX2017005182A MX 2017005182 A MX2017005182 A MX 2017005182A MX 2017005182 A MX2017005182 A MX 2017005182A MX 2017005182 A MX2017005182 A MX 2017005182A MX 2017005182 A MX2017005182 A MX 2017005182A
Authority
MX
Mexico
Prior art keywords
transaction data
signature
partial
data
character
Prior art date
Application number
MX2017005182A
Other languages
English (en)
Other versions
MX369305B (es
Inventor
Karlisch Thierry
AKHTARY Siavosh
Gullberg Peter
Original Assignee
Gemalto Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto Sa filed Critical Gemalto Sa
Publication of MX2017005182A publication Critical patent/MX2017005182A/es
Publication of MX369305B publication Critical patent/MX369305B/es

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/14Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
    • G06K7/1404Methods for optical code recognition
    • G06K7/1408Methods for optical code recognition the method being specifically adapted for the type of code
    • G06K7/14131D bar codes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/14Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
    • G06K7/1404Methods for optical code recognition
    • G06K7/1408Methods for optical code recognition the method being specifically adapted for the type of code
    • G06K7/14172D bar codes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4018Transaction verification using the card verification value [CVV] associated with the card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Toxicology (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Electromagnetism (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

La invención se refiere a un método para tener acceso a un servicio; de acuerdo con la invención, el método comprende los siguientes pasos. a) Un primer dispositivo recibe, desde un segundo dispositivo, datos relacionados con una transacción, como datos de transacción completos. b) El primer dispositivo genera una primera firma utilizando los datos de transacción completos, un primer algoritmo y una primera clave. c) El primer dispositivo modifica al menos un carácter de los datos de transacción completos y obtiene datos de transacción parciales. d) El primer dispositivo envía al segundo dispositivo los datos de transacciones parciales. e) El segundo dispositivo solicita a un usuario que modifique los datos de transacción parciales proporcionando al menos un carácter, como datos complementarios a los datos de transacción parciales. f) El segundo dispositivo obtiene, como una respuesta a la solicitud de un usuario, al menos un carácter para modificar los datos de transacción parciales, un resultado correspondiente siendo los datos de transacción modificados propuestos. g) El segundo dispositivo genera una segunda firma utilizando los datos de transacción modificados propuestos, el primer algoritmo y la primera clave. h) El segundo dispositivo envía al primer dispositivo la segunda firma. i) El primer dispositivo verifica si la segunda firma coincide o no coincide con la primera firma, después el primer dispositivo autoriza llevar a cabo una transacción correspondiente. La invención también se refiere a un primer dispositivo, segundo dispositivo y sistema correspondientes.
MX2017005182A 2014-10-21 2015-10-20 Método para tener acceso a un servicio, primer dispositivo, segundo dispositivo y sistema correspondientes. MX369305B (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP14306670.2A EP3013014A1 (en) 2014-10-21 2014-10-21 Method for accessing a service, corresponding first device, second device and system
PCT/EP2015/074280 WO2016062727A1 (en) 2014-10-21 2015-10-20 Method for accessing a service, corresponding first device, second device and system

Publications (2)

Publication Number Publication Date
MX2017005182A true MX2017005182A (es) 2017-12-14
MX369305B MX369305B (es) 2019-11-05

Family

ID=51862242

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2017005182A MX369305B (es) 2014-10-21 2015-10-20 Método para tener acceso a un servicio, primer dispositivo, segundo dispositivo y sistema correspondientes.

Country Status (7)

Country Link
US (1) US10263973B2 (es)
EP (2) EP3013014A1 (es)
JP (1) JP6462121B2 (es)
KR (1) KR101991600B1 (es)
CN (1) CN107005573B (es)
MX (1) MX369305B (es)
WO (1) WO2016062727A1 (es)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB201611698D0 (en) * 2016-07-05 2016-08-17 Eitc Holdings Ltd Blockchain-implemented control method and system
CN106291958B (zh) 2016-10-21 2021-04-23 京东方科技集团股份有限公司 一种显示装置及图像显示方法
US11074325B1 (en) * 2016-11-09 2021-07-27 Wells Fargo Bank, N.A. Systems and methods for dynamic bio-behavioral authentication
CN106485184B (zh) * 2016-11-29 2018-12-14 北京慧眼智行科技有限公司 一种扫码方法和装置
US10223723B1 (en) * 2018-05-04 2019-03-05 Capital One Services, Llc Managing transaction state data
US11443292B2 (en) 2019-08-01 2022-09-13 Capital One Services, Llc Transaction card with integrated USB device
US12284176B2 (en) 2022-09-30 2025-04-22 Thales Dis Cpl Usa, Inc. System and method of imaged based login to an access device
TWI894120B (zh) * 2025-05-16 2025-08-11 美商奧丁丁美國股份有限公司 利用非對稱密碼技術確保資訊準確性之支付管理系統

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6675152B1 (en) * 2000-09-13 2004-01-06 Igt Transaction signature
FR2827448B1 (fr) * 2001-07-12 2003-12-19 Gemplus Card Int Procede assurant une garantie de paiement pour le commerce electronique notamment par telephone mobile et systeme de mise en oeuvre
US20040186912A1 (en) * 2003-03-20 2004-09-23 International Business Machines Corporation Method and system for transparently supporting digital signatures associated with web transactions
WO2005109360A1 (en) * 2004-05-10 2005-11-17 Hani Girgis Secure pin entry using personal computer
EP1599008B1 (en) * 2004-05-19 2008-03-05 Alcatel Lucent Method of providing a signing key for digitally signing, verifying or encrypting data
EP1807966B1 (en) * 2004-10-20 2020-05-27 Salt Group Pty Ltd. Authentication method
JP2007328381A (ja) * 2006-05-09 2007-12-20 Ids:Kk ネットバンキングにおける認証システム及び方法
US20090069049A1 (en) * 2007-09-12 2009-03-12 Devicefidelity, Inc. Interfacing transaction cards with host devices
TW200919323A (en) * 2007-09-21 2009-05-01 Silverbrook Res Pty Ltd Method of imaging a coding pattern having registration symbols
EP2194490A1 (fr) * 2008-11-28 2010-06-09 Gemalto SA Objet portable intelligent comportant des données de personnalisation graphique
US8719905B2 (en) * 2010-04-26 2014-05-06 Authentify Inc. Secure and efficient login and transaction authentication using IPhones™ and other smart mobile communication devices
US8433914B1 (en) * 2010-02-25 2013-04-30 Emc Corporation Multi-channel transaction signing
CN102075547B (zh) * 2011-02-18 2014-03-26 天地融科技股份有限公司 动态口令生成方法及装置、认证方法及系统
CN102184495B (zh) * 2011-04-21 2016-09-28 天地融科技股份有限公司 一种网络支付方法及系统
CN102202300B (zh) * 2011-06-14 2016-01-20 上海众人网络安全技术有限公司 一种基于双通道的动态密码认证系统及方法
US20130117087A1 (en) * 2011-11-07 2013-05-09 Apriva, Llc System and method for authenticating electronic transaction instruments
EP2645314A1 (en) * 2012-03-28 2013-10-02 Gemalto SA Method, device and system for managing a provision of energy
US8770478B2 (en) * 2013-07-11 2014-07-08 Scvngr, Inc. Payment processing with automatic no-touch mode selection

Also Published As

Publication number Publication date
MX369305B (es) 2019-11-05
KR101991600B1 (ko) 2019-06-20
JP2017536030A (ja) 2017-11-30
EP3013014A1 (en) 2016-04-27
WO2016062727A1 (en) 2016-04-28
CN107005573A (zh) 2017-08-01
EP3210359B1 (en) 2018-08-01
EP3210359A1 (en) 2017-08-30
CN107005573B (zh) 2020-07-28
US20170310654A1 (en) 2017-10-26
KR20170072290A (ko) 2017-06-26
US10263973B2 (en) 2019-04-16
JP6462121B2 (ja) 2019-01-30

Similar Documents

Publication Publication Date Title
MX369305B (es) Método para tener acceso a un servicio, primer dispositivo, segundo dispositivo y sistema correspondientes.
MX383704B (es) Método, dispositivo, servidor y sistema para autenticar a un usuario.
EP3994594A4 (en) SYSTEM, METHOD AND COMPUTER PROGRAM FOR ENABLING CONDUCT BASED ON USER AUTHORIZATION
MY172909A (en) Authentication apparatus, authentication system, and authentication method
GB2537288A (en) System, and methods for implementing retail processes based on machine-readable images and user gestures
EP4246926A3 (en) Domain name operation verification code generation and/or verification
MX2019011549A (es) Metodo, aparato y sistema de consenso de cadena de bloque.
MX2015013352A (es) Sistema de autenticacion de ocupantes de un vehiculo.
WO2015107383A3 (en) Role-based anonymization
PH12017500192B1 (en) Methods and systems for distributing orders
EP4236196A3 (en) In-vehicle network system, fraud-sensing electronic control unit, and anti-fraud method
MX351679B (es) Metodo y sistema para el estacionamiento de vehiculos.
WO2016145449A3 (en) Client services for applied key management systems and processes
JP2017504992A5 (es)
WO2017117520A8 (en) A method, system and apparatus using forward-secure cryptography for passcode verification
WO2016048129A3 (en) A system and method for authenticating a user based on user behaviour and environmental factors
WO2015170182A3 (en) Publication review user interface and system
IN2014CH00681A (es)
FR3028979B1 (fr) Procede de controle d'acces a un systeme de production d'un systeme informatique non connecte a un systeme d'information dudit systeme informatique
GB2549614A (en) Auditing of web-based video
SG10201907122UA (en) Service implementation
EP4407935A3 (en) Apparatus and method for predictive token validation
PH12020500210A1 (en) Authorization method for displaying current permissions status of all system users
FI20145650A7 (fi) Lukkojärjestelmä ja sähköisten avainten luonti lukkojärjestelmässä
SG11202102793WA (en) System, method, and computer program product for secure, remote transaction authentication and settlement

Legal Events

Date Code Title Description
HH Correction or change in general
FG Grant or registration